Malware abuses Google OAuth endpoint to ‘revive’ cookies, hijack accounts - BleepingComputer
bleepingcomputer.comSubmitted by bleepingcomputer3898 in technology
Multiple information-stealing malware families are abusing an undocumented Google OAuth endpoint named "MultiLogin" to restore expired authentication cookies and log into users' accounts, even if an account's password was reset.